September 9, 2012

NSA Official: Cyber Attacks Becoming More And More “Reckless”

Brett Smith for — Your Universe Online

While violent, physical attacks between and among nations aren´t a common occurrence these days, the same can´t be said in the murky world of cyberspace where attacks are becoming more brazen than ever, according to the National Security Agency.

"We're starting to see nation-state resources and expertise employed in what we would characterize as reckless and disruptive, destructive behaviors,” said NSA Information Assurance Directorate Deborah Plunkett at a recent forum at the Polytechnic Institute of New York University.

Plunkett said even back in the days of the Cold War, nations exhibited some sense of restraint when it came to computerized activities.

"Some of today's national cyber actors don't seem to be bound by any sense of restraint," she noted.

Many are government officials are urging the United States will pass legislation to deal with cyber security issues. Earlier this summer, the Cyber Intelligence Sharing and Protection Act (CISPA) stalled in Congress after negotiations among lawmakers broke down and resulted in a Republican filibuster.

CISPA alarmed privacy advocates because it would have allowed businesses to give private data about their customers to governmental intelligence agencies. According to the New York Times, the U.S. Chamber of Commerce opposed the legislation on the grounds that it would be an economic burden.

In light of the Congress´s failure to pass some type of cyber security law, the Obama administration is currently circulating an executive order designed to increase cyber security, according to the Hill. The congressional publication also said that the order would create a “voluntary program where companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government.”

Plunkett´s complaints of unrestrained cyber attacks is somewhat ironic as the Obama administration has reported launched its own aggressive cyber campaign against international targets like Iran´s nuclear reactors.

A 2009 attack on Google by a large hacker group highlights Washington´s need for increased focus on cyber attacks. Internet security firm Symantec said the group had used a technique that allowed attackers to hack into highly secured systems–suggesting that the hackers were either a large criminal organization or had the backing of a nation-state. Symantec also conceded that the Google attack could have come from the nation-state itself.

Many security experts widely believe that nation-state was China; however, Chinese officials have denied their country is a source of cyber attacks against the United States or its companies. Hacktivists not officially affiliated with any government have also been a cause for popular concern.

Despite the American government´s failure to pass legislation that bolsters its cyber security, observers, including Plunkett, are hopeful that a measure will be passed in what is expected to be a deluge of legislation that occurs after the November 6, elections.

"I am thrilled that the conversation is happening. Am I disappointed that we're not there? Sure ... I predict we're going to have legislation. It will happen ... and I'm also pretty convinced that one year after it happens, we'll think it's not enough," Plunkett said.